BackupPC-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [BackupPC-users] encrypted pc and pool directory

2012-05-18 07:02:36
Subject: Re: [BackupPC-users] encrypted pc and pool directory
From: Arnold Krille <arnold AT arnoldarts DOT de>
To: "General list for user discussion, questions and support" <backuppc-users AT lists.sourceforge DOT net>
Date: Fri, 18 May 2012 13:00:28 +0200 
On Thursday 17 May 2012 15:46:26 John Hutchinson wrote:
> ok That answers my question.  The issue is that we are looking at
> backing up clients machines and my boss wanted to be able to tell them
> that even we can not see their files.  I did not think it was possible
> but thought it was worth asking.

Encrypting the data on the client side has several consequences:
 - BackupPC is really good with de-duplication. The same file stored on several 
clients in several backups only takes up the space one time in the pool. With 
client-side encryption, this would be deactivated half-way as only the same 
file from the same client could be de-duplicated.
 - Client-side encryption also enforces client-side decryption. Loose the key 
on the client (because you lost the client) and you also loose all the data. 
This pretty much counters the whole purpose of a backup.

Yes, your clients have to trust you regarding the backup. But they (hopefully) 
already trust you with their system-administration.
And it will be easier for them to trust you with the backup while all is well, 
then trusting you in that you can restore at least some of their data from 
their fried disk using a clean-room and an oscilloscope.
And they should trust you with their backup instead of trusting a thieve to 
return the data...

What we do:
 - Encrypt the disk backuppc runs on, that helps when someone steals the 
disk/machine.
 - Secure our systems, that helps when someone enter the network.
 - Write gpg-encrypted tars to tape/nas. Helps when someone steals the media.

Have fun,

Arnold

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [BackupPC-users] run apache as www-data user, Tyler J. Wagner
Next by Date:  Re: [BackupPC-users] encrypted pc and pool directory, Gerry George
Previous by Thread:  Re: [BackupPC-users] encrypted pc and pool directory, Les Mikesell
Next by Thread:  Re: [BackupPC-users] encrypted pc and pool directory, Gerry George
Indexes:  [Date] [Thread] [Top] [All Lists]